All geek questions in one place

Python MySQLdb with SELinux

I am using the mySQLdb module in my django application, which is connected to Apache through WSGI. However, I get permissions (see below). It depends on SElinux, and if I set it to passive, everything will be fine.

Incorrect Configured: Error loading MySQLdb module: / opt / django / virtenv / django 15 / lib / python2.7 / site-packages / _mysql.so: could not display a segment from a shared object: Permission denied

What is the best way to update SELinux to enable this without disabling the whole thing. The error is shown below:

Incorrect Configured: Error loading MySQLdb module: / opt / django / virtenv / django 1 / lib / python2.7 / site-packages / _mysql.so: cfailed to display a segment from a shared object: Permission denied

+6
source share
4 answers

As @ Gohn67 suggests, change the SELinux security context of the corresponding file to allow the HTTPD process to execute it:

sudo chcon -R -h -t httpd_sys_script_exec_t /opt/django/virtenv/django15/lib/python2.7/site-packages/_mysql.so
+7
source

To be more precise, do:

 # ls -lZ /opt/django/virtenv/django1/lib/python2.7/site-packages # ls -lZ /opt/django/virtenv/django1/lib/python2.7/site-packages/_mysql.so # grep mysql /var/log/audit/audit.log | audit2allow -w -a -r -v # grep mysql /var/log/audit/audit.log | audit2allow -a -r -R mysql
0
source

A couple of permissions that I notice:

  • Make sure your credentials for mySQLdb have access to the database.
  • If you are using an IP and port to connect to the database, try using localhost.
  • Make sure the user (chmod permissions) has access to the folder where mySQL stores the material. Sometimes when storing multimedia and things, he needs permission to the actual folder.
  • Finally, I would try resetting the Apache server (and not the whole machine).
0
source

I don't know why, but it works for me

 $ sudo chcon -t shlib_t /opt/django/virtenv/django15/lib/python2.7/site-packages/*.so
0
source

Source: https://habr.com/ru/post/979984/

More articles:


All Articles